Malware Analysis Report

2025-01-19 06:38

Sample ID 231223-qzm6faeec6
Target 23977daf1ea02e798080509dba2a7bf9da0716326c758ea21fca8a3da063b30a
SHA256 23977daf1ea02e798080509dba2a7bf9da0716326c758ea21fca8a3da063b30a
Tags
irata
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

23977daf1ea02e798080509dba2a7bf9da0716326c758ea21fca8a3da063b30a

Threat Level: Known bad

The file 23977daf1ea02e798080509dba2a7bf9da0716326c758ea21fca8a3da063b30a was found to be: Known bad.

Malicious Activity Summary

irata

Irata payload

Irata family

Requests cell location

Requests cell location

Loads dropped Dex/Jar

Acquires the wake lock

Reads information about phone network operator.

Requests dangerous framework permissions

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-23 13:42

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-23 13:42

Reported

2023-12-26 18:58

Platform

android-x86-arm-20231215-en

Max time kernel

2809962s

Max time network

130s

Command Line

ir.teliyam.dolme

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.dolme

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.187.238:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 74.125.206.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
FR 216.58.201.100:443 tcp
GB 142.250.179.228:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 1.1.1.1:53 gypxiyddiamwo udp
US 1.1.1.1:53 qdquflrsplf udp
US 1.1.1.1:53 xnghnohknxamb udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 19cca19e47697932556b389ba5bdc231
SHA1 b6a5514f9800679079394682d6a3c42187df8016
SHA256 8b6eeece23d475a40e782013cd9454c7ad576d2f0faa02bb50d2a6e4f45cfc99
SHA512 b9b2319592a3b3318519fe576377848a541c102183d157b69fd042058f0354c3acc090fd606c325fc073923acfa67b83e28d7b487e9c5a40356e0cb6280a87af

/data/data/ir.teliyam.dolme/databases/db_default_job_manager

MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-shm

MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-wal

MD5 e1f8e871a0c61b8a23c545973445d7f1
SHA1 4e95028915c1ca28210c324eab4cccf9bbd41f51
SHA256 b0cd96fd64a850a026edbd8eb87f79d254fbf9889bba3f563e25bce0b2071817
SHA512 c5cadc33b4d214b2a1941a3c8c1fab2add85dd123bbd6605ddfafe1e352966c1cecb6bec4004e32a774f9374fe4662b9f4d9c68454408bcd3b11f6bffe3b9a24

/data/data/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/4f52a2e9-dae4-41cb-860e-b597a0fe6363.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.teliyam.dolme/no_backup/com.google.InstanceId.properties

MD5 5d75f8e4b24299ec724384f19dd2d9f5
SHA1 093b1cb59f9565b1fe5d5830e4e0cb355b00785d
SHA256 e791f5db200f1bb87eee3785f49bdafd09d39fb7b93ea8dbb42e05c1d46e9f4b
SHA512 e93c012ac68c7e747e93ca5a8ca0bd835c6f5a9d3924beca5b583114ca55864595a9990265bcc2a163da38ec43ceb053d3835719c4beb22f9d379e36a4b37d78

/data/data/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/8d914a10-2f3e-458d-9a3b-5c5f535726ab.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/data/ir.teliyam.dolme/databases/cheshdb-journal

MD5 22f01c0b74446e8cef047dc395045b96
SHA1 cdf0a8d43c35e31333d0cf9208ee2ac325404b79
SHA256 f0f991d80cb0dd2f06876cc5c1305691f100a5c1246c64d32c4ca5b12b298c85
SHA512 6976d070fe285c145930e7a66fde2033cff301e7a84a00ab673821d4fa1f1288437684e654e8ab36187fb5d362fc9fd17b71140f36cb66ce612564c0834c5bd7

/data/data/ir.teliyam.dolme/databases/cheshdb

MD5 a0a5b7b696a3f0badb29625aee39869a
SHA1 42710bd9765df57af0a6910e358e7c4c8b0435f5
SHA256 78b4751afdfd592bafcb78c80e6ff5474462eaf402361d90d3059287e3fe250c
SHA512 89be6db217562d96512cf5f4b307dc6a4a79978292e7b9e397b47aea4ac6e7e7653c71b422a63a4b7cce75d3b94bdb8af14d02c65a852d11b17b9a07eff0cc46

/data/data/ir.teliyam.dolme/databases/cheshdb-wal

MD5 a84e979b1c705c4c594121e0b5a0baac
SHA1 9f0660fc468af8d0a39ce9862f8d6774cfee3bc0
SHA256 2bc3f3aa126b69a8e83fca1bee58637caa46ce7aef277c9d97b124ba564eb291
SHA512 0028ae57ca87bba83625a2b74c558c59a245003fd6106663b8289368c10bf1cde8845d888e556fb3ba7138ad434a4563156c7e6b3bab082e6c00f5bfe60cc1a1

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db-journal

MD5 55dc5810a0e39da7e88623215a339834
SHA1 ffa55ff571f36789e1ac3f7e9b91b9014a0f799f
SHA256 72afe2b76566e9558ce47e39912557096922cd503e246c841ebf09c444e83a02
SHA512 e492bd2d8b5a6a895e7cbd6482a5d00c1658264a10ca560fea461cacfdc46f5cc569e55bdce367fca943051abb88dabe2347ac1618477876b13eaee80b17a098

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 7237409e0640cfab7bdbd429bf821a3b
SHA1 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512 c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db-wal

MD5 1a21d9ffecf0d975ba502bc04f85db53
SHA1 97e35867dcc76a762b523a7d2eae4fd33d1af304
SHA256 4cfec38a821998222d4ead2ca3fb2a02198dae648f3c6af9a707ea552ffe7cef
SHA512 23f47ff90015700ac0aa481509a171b9a018401ce6923d1beb579465c484ca80daa9006ad65001005eda4b5d27f5a2a70ea0efb0633ffaac6911fc9a2c66519a

/data/data/ir.teliyam.dolme/databases/cheshdb-wal

MD5 776a9b43939831d47a7f2aac06bcd907
SHA1 64e72b66cbc954d0baa4141dca387b15f01f12d5
SHA256 7ccaa6365b8cc382f4adb2a30a6c5c7c6267c8a89dcc2fe3ed2d2c5691e1f0bb
SHA512 09172962d47301095581a0aa63eac647755fe26a24f764ebf671d630429b91a6d6d7a6e9a1a0601b5a2b3571356f67b736526af70af25f310acfbe9a8bc68bae

/data/data/ir.teliyam.dolme/databases/cheshdb

MD5 cec69cc0888d5188aa7a449c1aa063f1
SHA1 645fb73093c9c479f602e8d5016689aa26f706cc
SHA256 44a584ea465e44274ca3baba92255da6b90aede8e2a09999642b11d346186af4
SHA512 1ea079f537276020b1f1ab13aba98393d7331691f216e1226f4f559e8bab007297e8d00fad33fa571f092da603ddbd4ffbbf1fbcb2fde4928ab0eea068208f3e

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db-wal

MD5 4782e36e59bd9774979d03bd080fa3aa
SHA1 7cb6cd32b56098ab975c08df79dbf827a3c4c4c5
SHA256 b32fc6c3333df8e35c9feaf8de792559764e5b2a307171dc4006e24bf10ed385
SHA512 d2c1ec392f6d7bd9e0a1a6b621b6fa77b1e5eeba7ee24614a576e3a448a8c425f5912d831547f9fb956e9875157c4537d02ac849b18d3d7ee37287a5cdc4dd62

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 c0249244e78308b41f700ba311d6dfb1
SHA1 1913e92cf2aaa0039409d759e9f923737fbb08d1
SHA256 dab545ebd8e1bf3f59215e012a6782b0f7b55df629ecd7770270c982764817b3
SHA512 ebd62d1fe41a0ed10778a4a43c885c59159fdbf0b91df125eb97e358a323e48a337d40a644468dfb06bef9e503d418ecd1534abf6f848e3cb4095ae5024c1dbd

/data/data/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/9bab0398-ec1e-4458-a499-2003f7acc1c1.jobs

MD5 c9ccc793c744896aa85014b44c66ba33
SHA1 3c5450e26a624e936d1c3424adaa41d5c52ead11
SHA256 5fb54888f9070bb602ae6eb30b695511f3c38eea42c0fcccb3fc38d112917a00
SHA512 4014163f6e154d2026988fad44d8946facbd0bc322540843e6d0ddbc45f8643b13f7a3fe7cc6c1dc739da46668ee38f061ebd70859cb4d064c6a32fea3420ded

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 566c8ebb60b455732538b9d6c8df6b37
SHA1 63a3256dcfdc9d947d176acf4dd8dca8f4752b5b
SHA256 a819ba4777f1819bb573c385524e37088f08191d0b0ccebfdd3710c79da496cb
SHA512 ef2f2ad7d9ff4d16a9a7df13bdee1f6f57d1fb2c8632dc060dbf7e2188235d31adcea30af5572c68ed6c7681faeea112cd280a904aefe1e9d9623b706d8779b7

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-wal

MD5 ca7b42e3007a112325abe30b2984104b
SHA1 dd6db2fe17ce3671760690a9fafad78cd3746e79
SHA256 206f63d7db0d7c0a43fabecf0370c46d5856659eb76cf9470e0916d200beff45
SHA512 729fecb37d3df083c3d00a58ce8a74f5ccd52f92acedbd720b4a43b7b3164ff9466f90a765491393cffefc85ff109aca1cfa9e74bbb1d66ef12cd48484d1433c

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db-wal

MD5 aa262bc4b56c482de9f9d69255d8b487
SHA1 49042a9ca920f28ef3204b1eef4cd8d044cdc0ad
SHA256 9a2928ac9523515eaa5c1ce7bbce3e76f4562649501b7d489c0a853172c38ebc
SHA512 95146e1c7d2fb68fdefb71960a230a17c3ed1cae6203a20e8a901a4ddafd383385b8db664c578072b1cfbd6b0c74bccef22f07dc4d7cbdf49930bd130a3ce7ca

/data/data/ir.teliyam.dolme/files/info.db

MD5 63fdd2dd4c671cd0379974e31bb7474c
SHA1 506295113be54e5cdd240f357b2979384f6ec653
SHA256 1001a7e31a1c9cf478610bdaf98496709f65829e42d815d64868d752428f3370
SHA512 e1e5d9e9dbadd0a594df48a4939711c92f3ed1bea0581b717da347a33d143fa4a8b57cddb3cf3adb40c5722aaf2fa986631860f20683caed55089e7c4a13969f

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 5d3e6d8e47fcdef48410f788e3d5da9b
SHA1 9454eb95a8265aec32118d96ce8e4349bafbe7bc
SHA256 7fdce5de48aa8d25082f57460b076512c73c3ca5fb0b9f2742a40370381bd5e8
SHA512 e33de99f3f8c3c2f766c6936addf523dab4a6c395b0efff77af7ad604c01aab641c827a6db9b22af1134532f524ddc65e3833929b8ebd0b3e5e9492272b7ac62

/data/data/ir.teliyam.dolme/databases/cheshdb-wal

MD5 9540c08f049cafc4354497495e4b20a3
SHA1 652cd7b0a81b4995dbca39da7d56e06b28efdfe3
SHA256 ab9d965659232c54fbac1475bec7cb950d884b19bd346f6aaaac0b6aaa8bc5d3
SHA512 daf6dc2d3e364bdfd5db7eced746f4a73ffa24995fad83fb276be21e26492b22da04b59ea31b2f4c9d3fb49e52be4cdac9387adea59f4a4ccf5f99a9b144c723

/data/data/ir.teliyam.dolme/databases/cheshdb

MD5 2e25afe57356bea83715bfe462bfdb88
SHA1 673b1a8de44561403265aef93279cdae2845d87b
SHA256 a2404233b4fa80bf4a1184ddec97c5a143b9ce32b234979c54c44c62c8791460
SHA512 a37c52379d6547c5a12cdb402190040d7bdb82ffced196c3e87de251c0168b928594e8bab178ee1205289ad93abe17d2c90e5144bb08e74523b495fd683c47e3

/data/data/ir.teliyam.dolme/files/info.db-journal

MD5 91434663a57fcbdf1f5087eb3da1e58b
SHA1 f5a06cd9c8b333a22ac07d3639f13ed2546c2549
SHA256 af11e5f1f61f71205bbc3584255b3ad0e14e61cced6243e6c231a699035fd9cb
SHA512 d6988a3e70831d6195021af2baa47fa65c74e700931a9bebfb21face668dd53ea25feef9a2629f3c5f08024c84f03077f7112237a494b5004e1bb5b206b96a69

/data/data/ir.teliyam.dolme/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/data/ir.teliyam.dolme/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-23 13:42

Reported

2023-12-25 04:03

Platform

android-x64-20231215-en

Max time kernel

2669848s

Max time network

164s

Command Line

ir.teliyam.dolme

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.dolme/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.dolme

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
FR 216.58.204.78:443 android.apis.google.com tcp
FR 216.58.204.78:443 android.apis.google.com tcp
FR 216.58.204.78:443 android.apis.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
FR 216.58.201.100:443 tcp
FR 216.58.201.100:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 172.217.169.46:443 tcp
GB 142.250.200.2:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 2d447d69399b5944e40be001263c06a0
SHA1 0d9d3822041fb38c52f4c8a9890dff4fbf7038a9
SHA256 c28f435e38b07bd7f95bde1107c9984419122c40769ee687618a40d5c1065d24
SHA512 5afeb58f1f2fa3937dd2a7cd033405c65447941f603f9efe32d967960242873d8416dc5815f6bda39ab90f8e5af4a7ed3ece982efed250074574a022984f7c9f

/data/data/ir.teliyam.dolme/databases/db_default_job_manager

MD5 eda4e5f53129dca7344c7e3f3e6d9513
SHA1 ed01e856ac998b6c3de46ac8a2a155f09d6db185
SHA256 7c4bbb192102dd3dfc3d30cd5542d9a115cbc6c52369f1630eeb9e5ea81c8e5b
SHA512 cf733d69c95b4db67de951dbd2b4f3c9b31008dd0b7f8a1d42bb14820def6b34a5bfa178d1e8cee0dafdf64531751674e7f6398743e915ef469bb97662c063a1

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 137cc24c1e6a227b29e2e18c02b88658
SHA1 47d36528c7646b57f5bd5ff7740d470409f73d4b
SHA256 0d6893b4bd55ee5f27cde20a05b01556b4da137159a6b9d67569fed4e5fe5142
SHA512 39d145c59e49fb345be74031608a1cfe776bfa930999a26c667867fb6aea08743fed356d0d9fc1c0fe6f1c840f6def2d1c9c111a9d7c63b4979d35006fc32f0e

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 0084a57b1aa89f60781e58d51667f581
SHA1 01ea9a139991512636b50104e8d45b5b6c096810
SHA256 6992cf53a8a4b1b562900693ace1a77162510a4d650bee8921ce8a964999fde3
SHA512 fb231115ba0f6d8547bd659b60ea9de3c80c05cb6de4858242aa7f42da9c422e74e758537193776498456535e12e1b46297c27e3aa7044c322531ca752403332

/data/data/ir.teliyam.dolme/no_backup/com.google.InstanceId.properties

MD5 9501787e6a361499d7f8e3b707c68709
SHA1 2ed8fd3ac2dc4bb285d504d21e5a1b8c7b673b2f
SHA256 5f6d2ad0df396ba059c90354feeed0ca1dc0065a731a71e278a48c2edcb13323
SHA512 d1653b8ce95f7a38ac10e5a5ab38b38c91e3ef1c5f669a9d07270bcae52d0a17e4061066cfd774f7df2b7475305edf27cfa75b4a6a335ed280483f581d384fcd

/data/data/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/c6e4a956-2801-40d4-a0c3-c347d0c9c1cc.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 e379eb755394675061887d87d882d5c8
SHA1 95499baebed61a4d28df74a3a224dac387091a74
SHA256 7723a4cc381ec3e0e060488501a4a7d540855ea9d786447bb632113bee884bef
SHA512 c80a0870ff1a5ee199dfa10baad2b13f5bb7aabfce71370a7142fa9cb65855ab4f6973da70abe3cca3eda0cd3ccac5407ea082e1f269d4e1a09dd3e96d1c12d3

/data/data/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/21da1aad-d6f8-4582-ad8e-7aae9580cc2b.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/data/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 d95f7c040234c6f041c1e61f5ad9ed3e
SHA1 8ac1a7bbec8c38bb7c56801493df321ee424fa15
SHA256 d79413d577df0de02d0711edc2b5a072a6bb097341fdf5d22a316d00befa07f6
SHA512 093ba25c446b8c6b480cb77c1e1595da46d7720fada03742c98d18a72e05487d58e69509c53991673cd8b2a02ba7e2b3d81f605d0a316daed148757ecec7a5a7

/data/data/ir.teliyam.dolme/databases/cheshdb-journal

MD5 9058c5504b81708558361a3a8cb1a74f
SHA1 2c55a43f31fbb9d88418dca9e918e646b16e1636
SHA256 692b90d7a2d9ad49e192e1c8fa03a39d3168b9a8b1f5f239bcfa86cbe7e79d55
SHA512 40d4da91c77ffe42231e88fa458fe6714be2779d1d7dafc7c05a5131117282b421c41bf919627546140f331cf1d368c22fc394e395f7e7195d56080edef4e9ff

/data/data/ir.teliyam.dolme/databases/cheshdb

MD5 163b0e3f017becbc89b9d7f330b78f09
SHA1 1ef9cd8ac8655190468d0ccece0a4738634ab0f9
SHA256 cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36
SHA512 6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

/data/data/ir.teliyam.dolme/databases/cheshdb-journal

MD5 a8e5eedeb4a6e79f9fb55de2e0eab772
SHA1 d1fb06bcafcbff4d095ff7cd3e9189baed149cc4
SHA256 af8df2c713b433e06e3bbae06b642f30fa9a3860f6775438369c1e86d2d9188f
SHA512 26d12e4889a0056f9aac0bcb2efbcb18754d3d1e066e5f69722c9b7c88cc2c2bda3b5290db4d30d0ec192c7cd8457baf96e24550b148030ba46744084acfb9c9

/data/data/ir.teliyam.dolme/databases/cheshdb

MD5 25d4a804128c6bd8e26ad39fb02a5ac5
SHA1 5f6bfbe69387b11c40d870df12886505ca8e66bd
SHA256 3c675e800f645105342aeb3476f138ca6371285c98201eabfb5bd6afccbe66e5
SHA512 6e6416be72ba5e44b04a8556b6d5b2a3b6bbcc02439290e6548acba461b27ec95874e4b22a0c73c3a01242b71eeec5bf5ff517914f29da7e22077e1443e3a55a

/data/data/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/b81f6290-3fb3-4122-8b73-7760d6b1655d.jobs

MD5 0ae9ae03b98d402c00cf5094f1ead014
SHA1 de40d45121c41db7c4fd26e8d12e5a7d9d3baff8
SHA256 d995cb06b14dc9f86fd54c92f6efd0321c34bdf40e980966a72e1947b25b970d
SHA512 9af663f1b39f9896d2b14c56192976aae2381e8f6b9a07c36844149f296a8a81b8982ac2e4b048713e82427834ea5653b3b00dcf94558b585ab93c5224abbe8e

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db-journal

MD5 d0ba3240ab6c701d72293190db410fd8
SHA1 c4ac0b013c586c40ed260e127864020a71f9d374
SHA256 a1c971d6c41f33feba5f1944b19a5bb0662fbb6dce2e88feda25aa62a6948bf3
SHA512 e802feb29c28bf8e5ee2182e5ebf32a56184cca3d4fb43d9ca4f85b0984d159e2483c965bca1d9a00d02ae525db74bf055217a46034defe815f1fa623e26ccb7

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 df5162e19c4af4654c3909c24931b13b
SHA1 d89c069fcdc5e901fe14582f2df9b68347b5ea57
SHA256 d9807d85837da35583507fb6f395bf30a3fa083931c3fda33855760735d2e731
SHA512 e5eaee1a87f1b43bc3776c1430bc59ce469d5fd372b64a79429292132f34b3981b628639a62a797eb6854c5b206742cf840bd4f200a91e7c82c91c7ab7809f58

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 eb350e13ce1847dd535c8c702371c968
SHA1 517ba44f385177b63d8e7acfdee9224934c3ac47
SHA256 8e734bd92259419dd6117cbbc9a8a3c7a5e73747e77849a6aab93d71e25b334c
SHA512 5569fba6ba81760f1f1dd88b1eb4b4374c08604cc689067141d24cd1c4dcd4a152c2f139f2a489e34bf957ace46dc04510f5e63a4be9ac9f368241b1f800f05a

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db

MD5 ea628e04765adaf4238a5dcdff4bbd51
SHA1 a801947619ea8c368efe9c006a324dc6339ac60b
SHA256 885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4
SHA512 c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 d43a43d8425ce62143629ad0f6389fec
SHA1 043d61c4f4be7de609c9e13da26fe853e5c6133f
SHA256 9559c2a2e26454a4758b490065822e45f75ff0f3822963d57a5899887f2fcf0e
SHA512 eac318976daf853b01bfb8b981fe8e92dae70b35666c2270a2ca83206d375f8fb2e5b024593322ca2d45927722658a10ea26ba7eac0e52f61672faa7fe4a8edf

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 f1704672e40252093f01e02433684793
SHA1 6b9968a0878fb4c5d10988f719704c6ad2f2aafa
SHA256 f22ec21d4dbe6ed9245a1d6bd0a72903ec95cceb0b9c92c0c6d96dc7455fc4a9
SHA512 07e328b17b63e7cd8ba3869c940f9cad5f84c1bed0e00d7782c611a4afba464d5998d65172f8ccd6decda2959893b6705134ab5a098b70e29e5f3003b64f9b0c

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 2404e7c47277d3ea2b40c7370d670e33
SHA1 9e63e236bff96340141963f9af408287f34a6b9e
SHA256 065d81a307821ecc608c214fc8cc93cc748ef5096dd5a756a57c662afb079cee
SHA512 1008f368caceff2be6d9d026a8a77107eb57724edc05e2ecaf0cc067178910adc45023cff63f27038bc23f086396b84f1cf0a3cc39f4e639942c3922409e7e27

/data/data/ir.teliyam.dolme/files/info.db

MD5 9ed43f4ca768952c5722104b8d4e20f1
SHA1 244455de288e41dd7a2b0060f4f28cd13b343193
SHA256 3de8b75da1792e070b37ea81c90de52403174d0521091c706bcc57c8cd1e5f70
SHA512 10f0997bd7a4f6419c94c95be5195441a265b9f55acd620a57351a707a8938ace112a1b5f586a9129f6fe2ac1c5de67f5753b00c7ebf38a1c64a93d80d9cce7f

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 7aac31763b1a6ceda5da4d1f01d56198
SHA1 b1fd8c033e136585edd79221a3c8789decbe20e7
SHA256 9ef6cd726f43080134cdcf08d9620967c0aa5735f6fa6be9efe8d4ac503919c2
SHA512 e4fbbe789f31b2da6fd8d92d07ee872912e44e90e4fcb32db798f83d66bf1ffe0e0021acfd9bffafa1d49a4ed704736d89359fc952128584fc095aef01f60843

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 ef77e52647f801c0ff52b8c226a6f881
SHA1 83b65420b75e219254dd62221ab119195ab440a2
SHA256 dc8bbf28e8d869a98e83652bc9531b09bf9284902ce7340d10c424c4491ad8c0
SHA512 c8f8018b61d82445ea987d277119e9108a2df4c0fa4d3261f1fa8f5341726581a47e78554492547de6971b929efca2602fb392ea6d2894896580b2861b37a3ed

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 78b669627536902be6766b05d51792dd
SHA1 61fc552e5d87e64e05e5186ac050fbcbb9cc5ea5
SHA256 fd3373be5180db781173a82eef1b0fa69f632d102a4397cd4efd7c5dc3364274
SHA512 96db9f23091b60d312b5539d1e63ce06da402df5ded60a8c0fd066ac995e0c3f61ba797f3bd729c4a952666c29b6d305c5fb1adc34bfd52e84b3bc5c52c9e7a9

/data/data/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 16d25bafaad6d158417c16a475df3342
SHA1 19f5f3ca61d8e6187df7e380d2101d29617b6096
SHA256 fdf55fb5d0d0c487f44f35136c21584ba466445659653dccbf647d68b789d051
SHA512 f197c7ab1d5fbe0baa123a69dc07daa3b1f5e083993745fa190547601ef4109853f6476efc9ce00cb6d5ee60f1a204157be5081cd312b93caef3dc97574fbadd

/data/data/ir.teliyam.dolme/databases/cheshdb-journal

MD5 9c739d16c28402400fef380217ea57a1
SHA1 2658dac629b7217584c97912f8204ce66bcc32aa
SHA256 eb24731d9f0390e9a876fe4ddcf51d0a2ffa53ea4912e91bf1624d4e7c9dd306
SHA512 e4f27596544cfe6781686787f6d36aea12fc74b24ffd5475403ecf9350de97d40045768ea5ca999f47a42df0d7572c99f2d0c0e905552d912e90166dd29a1c39

/data/data/ir.teliyam.dolme/databases/cheshdb

MD5 80413cabe085baebd614626aae0fab60
SHA1 4a47059ec98508ac98676c51bbb10c149e468275
SHA256 1e306db6388fc7095a5fcd297f0e6c2ee1aea15e49345ddb2797f50ca91b1ff0
SHA512 b0f267e62f99ee416fc7324e65e06b2c1ce0b5b466e2fec3ebe249f49e24f31eca3e55b5ef43b5bb1db6a6702ce3d5c86b4963219e47dc520aeade2dfa1fc650

/data/data/ir.teliyam.dolme/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.dolme/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 49538e581f720fa7aad40acc5055fb59
SHA1 000cd84c5b50c459f0c8cdc4213c4fdbe423b91c
SHA256 baa14586fb71ed2c65d558bc238798057a2e034c6a116c801587ac3b63b945e1
SHA512 523cfde3cd72de93d37849016d1d6cf647f226405527cb55118bab87703b0a85702bec9e33e5b5230a18f93e947cd20581a78dfce3a5f4f3fe926a25a6a28fb9

/data/data/ir.teliyam.dolme/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

/data/data/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 8e00d036454c29c774748b587dd36f26
SHA1 10ed627fe14c5ed806cd41cfcad31ee9ba6d4228
SHA256 3623c3a0beb6f9ac589e345e8f30d4fa5c29b526a94f9384fb45cd3e7e757c15
SHA512 14dfe8a445bbc7abd4e0ba8d5210845f88eba429727ee5d8c178645448395121d624857751c940a4e91a1d05e0858ffcc4fc3937be6c28d5105a67944b1bcab9

/data/data/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 55dbc830142f6d91878b09f2b619f800
SHA1 8f9d8a9cf87ebc37787e278d6f4b7c9ce13fb89d
SHA256 01ceb0ea627d9282ab1fd480cdb8a0fe62b6898e243fa55c39d15b853049cc26
SHA512 32d027950f7fd9b35d1e9e16514624285b92bacf6bd7fee17de8d4a7f38892b2e04c5f495b43a27d438bb4add5527f58f1bd56b84b2dfeaca9f0663c70af711e

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-23 13:42

Reported

2023-12-25 04:03

Platform

android-x64-arm64-20231215-en

Max time kernel

2669892s

Max time network

151s

Command Line

ir.teliyam.dolme

Signatures

Requests cell location

Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getCellLocation N/A N/A
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo N/A N/A

Loads dropped Dex/Jar

Description Indicator Process Target
N/A /data/user/0/ir.teliyam.dolme/cache/1582435991586.jar N/A N/A

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data)

Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

ir.teliyam.dolme

Network

Country Destination Domain Proto
GB 142.250.200.46:443 tcp
GB 142.250.200.46:443 tcp
GB 172.217.169.10:443 udp
N/A 224.0.0.251:5353 udp
GB 142.250.178.14:443 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 sdk.cheshmak.me udp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 admob.mehranarzani.ir udp
BE 142.251.5.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.4:443 www.google.com tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 1.1.1.1:53 ip.pushe.co udp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 162.243.147.245:80 ip.pushe.co tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp
US 199.59.243.225:443 sdk.cheshmak.me tcp

Files

/data/user/0/ir.teliyam.dolme/no_backup/com.google.InstanceId.properties

MD5 fb8ab6db15ebf3b9ec5061ce14b7a1dc
SHA1 e65711a3c607c14e3caa502a55b7d19931a0ad86
SHA256 34faf6643698a03dd06012e4d77235762271bf51514d2d22180f5030cc96d48b
SHA512 b272f3cc1dfc51c900c99ef1e8b07f8597af42a7936b4830fa8b9b27fddd2adeedd59d71b11be3c47dc36d62b15412ade3da707b05e203ea97662e316ebeb8f1

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 b2f59bfb1ac45ec84e827cc8c2d94de7
SHA1 da68d30d1a2a1903d3e418fc10d653f5f40ca283
SHA256 07dd1db54a563687e6603f6bbf13e6f5a02b4af26c0b2288c18f5954482843dc
SHA512 b0d7ef249225b81b714be03154a37eba06e4d173935d5440c01a104daf0f9b64da00f85bf61f3d84102e7eadab31d3e93881a9d3d4eb15bc42690dd23a5a8ad6

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager

MD5 31120b80d5bd5ebdae68668e2f44f2c4
SHA1 0c2e446bc8d162c2968977b778aeb7b6854b94f1
SHA256 62e6efee23b1b2273154b134372dd34bd004fe63cba04d6e8d99659d11ac6b76
SHA512 8da0a516da9ca6a50d75b5f4fee5a944e4ae7e8fd69cfff20b3d7037246ba26a23bb3dd278ae987e684e285254d4517d49139a2d1353e1a10ac1fa9a229b3e51

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 dc6f5104e2f973ddd0ebda6ccea44493
SHA1 0ee36dbd3106a602b41f75d351ed0d6fdbffff91
SHA256 3860bd4d768fec8ecaec94899c22674a82716255dd4baaa8bd74b87576625f9f
SHA512 259406e8a682a9b9982ba0bd58d359a664c394ed43a8b63032bc764223a93de9da4d29df12ba93f20aa9d0f1050e5804aa039a19006c453495b1de977b8d4dfd

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 26aebb9b7e0efd7a71e6fd6f191a2470
SHA1 b5ba418df8fa41c3d62b16c3086661be7c89d44a
SHA256 6f42fd1309b80fbab8dad2b884a5effd8740a43c93f6f19b6620e3821bcb6cdf
SHA512 e201896ac03a89ea3e28fff7f79c07755b0f639f80f7c7c8647233e57b483495b02cfda7eeb22ce3ba9aee1e155a182eb187425337a9c5f4a8e416de80e44e3a

/data/user/0/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/17998f3b-3dfd-4b2c-95e6-59be8544857f.jobs

MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 2f72c8ebc943adc3b4238ef0d9972ec2
SHA1 6fc012fa21b7021ed806ec4677de40e5d36e6a98
SHA256 e0c82ec783e51c8fa3e2c67a0bbad220035a8f180527bfabeda43b6becd79bf5
SHA512 27ba48c60562c5bb6ced48c12f823e346e6c40e887827f8919e0b35115fa750ea44c80916cc2fd10851f9543a8841122f9822d58af1a10eec152f2c3d0b53ac7

/data/user/0/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/c01bb94b-398f-4e43-8f9d-e543c0609ab9.jobs

MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 de9b3a3535604fd13a516589f91a17b0
SHA1 135215376fc6490d45d3b4f406f69fd90d5142cb
SHA256 60ef1ecfa8dfd4b8b9892e1d35b61d22533311e316258bda6253eae49d2f5944
SHA512 8f74585ecaf269c3cb788e2a5976582cac57954c5e12521b7ed0106973c86d22189eeaa8363ade3a2f1020e499001991a53b64dbd2db19c86930dcf7140a1554

/data/user/0/ir.teliyam.dolme/databases/cheshdb-journal

MD5 a657c954659c280b6120ac0c0878341b
SHA1 5c3a3998719e6df22df7e46063bbadacc7256885
SHA256 dc282f8affd9f019f3278d7b3aeaec086797cae77b9a62241fb899585f2336a3
SHA512 efdbe2c28ff5b313e4756abf7d178afda3456b9170ccc4611d40bd3fb3c422bd297aa8a5b5324d68d5fa0a16d6ddfc46f721cd4a0293e475fc92e88d9a68f310

/data/user/0/ir.teliyam.dolme/databases/cheshdb

MD5 0660d3ef5f0245096a9fa0f61d6a8666
SHA1 282222362a5a05e3153b7f6b49ef35c667b19542
SHA256 1091580378b83e0ab3222d05659ab9aef1d2c65d766d5e04735b628d7a760ba2
SHA512 18bbe88051278314b76611bd68156ce60a9c3af3818d39991fa58d28bd9bcb8476eb00ef52ad8ae7d16c1d7ffcd9f2e8a858e2fd806ae59b5d85a8c3a9ca12a7

/data/user/0/ir.teliyam.dolme/databases/cheshdb-journal

MD5 2e97c340220616cd0e9c1a6dd7cbe194
SHA1 195c843011ee50721376cb15affd905ffe0b5cf8
SHA256 6e70ab91f3551823473953cdacf2966f127699df0c32f21c7723c419fcb5aa59
SHA512 f91c031e237be020340c895c874629994b260baddd6fcda5846c54ab3dde036693ee2d09b895773ee8fab82bdc0dc9b41306b13ed06923073b6e98aaa3565948

/data/user/0/ir.teliyam.dolme/databases/cheshdb-journal

MD5 ee4d89bdf1956b57fed4d743731360b5
SHA1 d0d8c4fce1ce7bae9b1e1d7df6e8ea02696f53c4
SHA256 8cb4c28de9e7eeb7961c06f68458226fe5fd1eebdec3d92e386678d13c8bcd83
SHA512 d23cd4224f5142ee2ab62b7fc2a9f869c125ac9bfbfe4d4e5174d7ebc17893112257a4bf9561fd417d02d15ba7ba99b36e0419a4f30da9ae9b325ae464c760aa

/data/user/0/ir.teliyam.dolme/databases/db_default_job_manager-journal

MD5 93e7480babef13552221d6b7bd7a4dd9
SHA1 7a41200b7211122493df492e811485325433b02e
SHA256 58a0a4e9c474aa316a0ff11fdc8126e99124f3ac134827a2a0af3e697338ee10
SHA512 64cad60fd20901779f78324e8008c4f4e5dfadc09fa95040f4533778dbd6cbfadcd5b03597bca00c21146355ba8cbfb31112a9b8fd5fabd6b4f72e46b79c6f64

/data/user/0/ir.teliyam.dolme/databases/cheshdb-journal

MD5 a9afe5b8f0c74042f854e27fd2bcbe6a
SHA1 4bc27d43b6ec400cc2cc0b158e5a66a7ab969643
SHA256 fd0e7748fc36d0389177a1f18186915addc014b81db7d2a96edd4d5eb19a76e3
SHA512 d00af71bf7882d16a8f00ffaa575c4fd6876b3a969753172f53f959adc37c2ecd411094b58c2906e5f7d0dda8864bd3e567871f81720fbd90755046550742d97

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db-journal

MD5 c4dc80b9e8221e822e89c6ad16727ed4
SHA1 edd99c5753aab9df7220f04a873dc65deb7715ac
SHA256 42b2d7e53c86cdebf4aa2eceb19535e9ebe29be2bed2bc54bd063cc06d635c9b
SHA512 083e51043df500029d4730dde159522764e15ca40e738ffd2747c9f8a5a5815d05b20b5f09f96f3b44f2da3bf4bce44d606f398dfea1957dec44facee7b8c582

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 f41f531c07d4141546a531ff9caffdcd
SHA1 9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5
SHA256 bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646
SHA512 e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db-journal

MD5 d644547ddae125fe4dc4e75ed7e7971b
SHA1 4a10a04e0e43e8eda81c02a2ea1c88706c6dee04
SHA256 15c1d9858172b13353510881bfbc9e54f0fc4e2b8c184e77189867e955bf354d
SHA512 f14abcedf5b04f6934a966f1f42817b5dadee64d1f3dcf71a2c59023762835e23d0b738a6baf9a08519883e984b3a008a1973c2f64a9d2ffefdbbea835a886f0

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db-journal

MD5 1cf6c5b48350e8c3ef424d82a9b0113a
SHA1 40e57e9bd8d690044807130159d72caa80a8ef7e
SHA256 cfd06d8174e7499c0cbada3831ccf8da16d95c8adb8b35be10d593db1c0dc729
SHA512 2ccf80a3ff8daa6f197e1819eef265d7e7a3fc668e8e70f25ba5ed53b5b3d49c696bbb210c6e01a59f830d5e42c4d179cd8b8133cef49240e0484f05f7a64948

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db-journal

MD5 3a902b11d65dea77db6b2fd269a4cb93
SHA1 ba6507309227a2e805314ce0d533c9da45ccbbd4
SHA256 ee8371a180d9d3f5bb7b1e332351082bf5876dfb646f41618a2bd96f0ab58824
SHA512 359146d1ae1ed6509bb7d10ec3b37790f21270923f1e4e258042951a36b2f0d7efec5de0fe66734d275915ca71af68c18fec17a6b1c9744abdeae7cc197183e3

/data/user/0/ir.teliyam.dolme/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f508d91d-3b2b-4cfc-8723-580e82ffe922.jobs

MD5 34bc1367ad8db52dc1f9d1765656ca43
SHA1 05f8421a53ecaf7732d1bdad160243623a24ab2c
SHA256 f71710ea89b34e8d248e134f061d6230ee77ed31bc644a6fa85e72896d58a673
SHA512 5ffc034fdf9cc1bf25e1c349914a94d544983cf8fd0ea7272a06dd4ba6184e54e97a9a02484dde49bba789ae04840f04ca986a933ad90a45e7d7c4cf1e940e1a

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 e58741ef25dae2b0453674a116485ab2
SHA1 58a69c2943714312cae897d3431a4fc67b5a7b94
SHA256 099b7849cd70ea7c5f04f4d9a74bc307c559c3c4dd910eead3d964542b24f8c6
SHA512 5e3256d19584aaaa4c88c1c0772dffd7071afb8ae5969da168d0f0c09e92b3ee9251f653f2b6305a7dd11f02ba88e9413e78b73447596fef1a9875b0265107c4

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 755f782c16a52ec4e7d3c0249753f476
SHA1 3e31cfb0d8b63d424966044f41cda4227a2e02af
SHA256 5fd07fcbd2a782654285d470743e99613a08d9c7b2c85f099d17cbf9ef41b895
SHA512 e96f79de31625f7eaaacd6862cc34f1a7c72be880e98d59aba8d55849a0a1a75006299a669df022e1b185ffbfea3dbaa842cf41641103c6ba1605536e52f527b

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 c756de27badca9d143a8501627f76b1d
SHA1 e88b564425f8f2d4e9fd4c14f64825b12ac17935
SHA256 30f4ef4d69e1928ba1c184482f564c6ac64fbc746e72524bb909e3a80dbaebcc
SHA512 add98a548d42fd449f327618ef19f8fbe91aa581182079cebab578877c79594e9cd9f4e8e01d574ab0a69725f4e635104491ab3f449e4e9993b078e7f696c3be

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db

MD5 2cdf77d5c14dd3f313b60c691579a0b9
SHA1 6a74a7a3170cabead82152871c90749afdd6f310
SHA256 55ba022e5aa9eb87c256026289112e4c0531a41d0d56380fcf845de71ff99ca0
SHA512 eaf21f0acf8b98ac8bf4bce81e66a07d6a501483b141bfb7a2ef476a8dc9927ccd39971f4e0d1f7969576dbf7abb7befb3bec04e40c5a9b28fa7a2f15ae7a98c

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 20102db226f37364de6e8b30d38b3ef1
SHA1 ff210e99b326edd742310160f36eaadc0c036f9a
SHA256 74c07d3197dd168164e9e46c7cb942bbf15c3c207468361db154d808968fa742
SHA512 b855975ee3b598baf688e236a306cdc5929238fc9d626c56ba90fa1fa85570b9dc54059cf9202a799ada79dff76ae8355ede46a82049a77e6f2bd7e1d02b923e

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 fe428474a50e2202498424f533535eb4
SHA1 43d6c4943b277cbcd3f5a109a705dd4a978e1744
SHA256 8978a3f0f77096ef4836f4f9b644e3170712f158d2211a0f58ae3b26a5080994
SHA512 a37650307950a3253d5c4143fe1bb2888b4a5601aec2ead724f3d38c7e55335271fffa9fa9a87228d7263ca816d5aacd95b1bca938e53dfd234720cc83c18303

/data/user/0/ir.teliyam.dolme/files/info.db

MD5 9ed43f4ca768952c5722104b8d4e20f1
SHA1 244455de288e41dd7a2b0060f4f28cd13b343193
SHA256 3de8b75da1792e070b37ea81c90de52403174d0521091c706bcc57c8cd1e5f70
SHA512 10f0997bd7a4f6419c94c95be5195441a265b9f55acd620a57351a707a8938ace112a1b5f586a9129f6fe2ac1c5de67f5753b00c7ebf38a1c64a93d80d9cce7f

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 55a4f234d91d42d05342faa24df07d30
SHA1 bfbff2409d293523cd239b6af8c19f7b9eb9f696
SHA256 0ef432a76c2f4a514f33acb28afdf7c9bbbddc245c757f5ba31519b76dad9ce8
SHA512 5ebbaf8606d30698614ac54a3e2ed54b77e5297b01d89c4e7ba09f22f82d07de8c10ed30a450c00668e484bbace595c6d008e01f09336a52cdd33a7e7e4d699f

/data/user/0/ir.teliyam.dolme/databases/google_app_measurement_local.db

MD5 8d0cd16581ff038bbc5e88cff4e8ad97
SHA1 af55a06a1a75e0c5505b71c89a4959095fca7b51
SHA256 bc034e9e3e9900bd23acd68a09598e0f4fc6b44bbf09c889e1f21ee4a6094e89
SHA512 d3aabd95a96fb1a86bb7623b90df3cd435f2897f59926296d8df1a13616b7f1570562648777a3706cd62681367727247e006f9dc503868d660e87ab7e6ea612e

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 6b90676bb6c03eb32ae2e22dabe463c4
SHA1 3b532ba0de74fd78976ef5a50eb2603ae96a37d4
SHA256 cfe61a4a14be6f66face62ff7f12e97f07bc1a3495317782fd1fba3e8969a4e1
SHA512 db91ca50b0ea971d71c9c375a361930a79c876da87264486ce92e6ae02db4e14c1af0c13dbba8dcf5ad527ad0794704c97c570a570c9b240c2fbb004c8affa66

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 bacd6e39c2ea34bb91e59d797bba74cc
SHA1 b4625b99edabf4dcc09a2064830eb6fd3ed4d4f5
SHA256 fd0d2c1dd91ed3e901adb0105ce3c35d94b432d1374a14b7593abbc1e6875f07
SHA512 12edb473a78730070c96e6afcff9c333518c1003d779a58d17438f5e386ecaa972ea270d74cadc643d24bf962e21eec4d99a662ed65cb80ecde6ab3f12c2f981

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db

MD5 58c0b6e45328752b20ac6e719ac034f8
SHA1 372b2638afd00bbbc4034657b3df3d2e428fb367
SHA256 9d74f93afa5a179b1ba2f19f154b2880aa8b99c88209802099045a0874d2426a
SHA512 2d347d5824b9ab701e341c89e8327a95fd6bab8e92ee15ce9550da368d773e22bff304072a4854df5ab763750a7401f7aa61a49e3292d62c27fa9f20536eb3ab

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 964f2a9711d49c078fc8429be19cdfe4
SHA1 742b7db63e6a314383972f9a35907ac213b23b5c
SHA256 0e918d8c9d224a7a0d3bdef32a104266ae507ea53628a258474f3cce57cd2a7f
SHA512 c35e3985f31ed802605abc11ed820eae4f3a2a8cb5e24e9d5079d6a473e0c4256eb42c0e55202387eab5848fe656f5fff3887f0e894d26f84845a36e80b8aea2

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 9c42262e05211a3499664602169ecc2f
SHA1 29ff01e90df2208912a9f47c91d6e1977a1a440d
SHA256 68dffb2c61e0ee69e06f9368579e95a77c0b8c51d19df6d80cee20fe2a29ddfc
SHA512 75b8d2940c23d497db6949aeae26c28a63c4b1a49d366ce1c913fd9c4283843afb3e11fc47a421604cf3a18cd95eb5cb4c7f23a0eda443a36708bf6378cb5602

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 8ba77212251eb4a08f4f4fd65f398e91
SHA1 98a1710007fcc978420b5185bbb67cce363c2185
SHA256 dfd09651cce8c9022bdcf8a64e742ac5f440d9ab9231d9cf7cf59ed0abb9c1ed
SHA512 fe1527543cd210e2bfaa542b8b2a4515f17cb80f68af34cbe8670a4ae24523069cb54826ab9317cd85d5202ddf32cf63abffd9c8453f2db8dd5e158d0b100b4b

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 802fbf57d042e67279d207c75123af83
SHA1 83a8dd3335819ebe6da65f2380755369b6cf53a4
SHA256 19a37cd27fe9f7ad9de95ba34e984cade84dcd4a032b3a36c51d66182c1512b7
SHA512 448684fa77a130439f6e8d84d155d89ade9581ac8f440aa819998bb9f568771c40619670e4a5a29ecd853279f7a23938d59306d11d0df73ea41d8fc7d52c2c48

/data/user/0/ir.teliyam.dolme/databases/evernote_jobs.db-journal

MD5 673d437f9bf62f20244e40a31bdf829e
SHA1 fd965d66b1ebcd1939f612fcb2c662d52efe369f
SHA256 0eb4fc67013bbc1898c73d3c6859df78d7678239806646054db6b05a8baa7ff1
SHA512 da3e7220df865518dc5de77b3db269bee6a91b932581acadf0bffb3a6cda4d52e5043298cc104dac1875fa537173a5a852760b8a259d20b5f474335c9583ee38

/data/user/0/ir.teliyam.dolme/databases/cheshdb-journal

MD5 00ba3bb763dabc86c933eb277ec13ade
SHA1 1d99b4f4d9f0c6d56301e072b4969ecd796e70f8
SHA256 01f1bf567ba09f7c6bb7d9f43dbe586dddbcdee43d798bdb12ae91a617357350
SHA512 4e3ad629ee443a239e880b6af5cb33e10614828a385c72c0cb6de37837ec7edc41bc0560d81444fda8006f7a2c63b38c6d58e6ddfcf9f4285eacfbfc97b588e5

/data/user/0/ir.teliyam.dolme/databases/cheshdb

MD5 83d459fe5531d7519234eea4b083e54d
SHA1 b20eb26fa1fa056d513c83727a58c26b7ebed0a4
SHA256 966ce9c46eddc5e3f0fc8066105a11ab4dfaa59d0877ad5fa196a674531ecbea
SHA512 23605fe2bfc6b7327f6d5d6adec6a69fdb7dbf06c3931adcb8a4b7079330a410b447de7a99a6cf74146ed7ca5272b4e52d27d94e8fff9f6bf084a4eca396797f

/data/user/0/ir.teliyam.dolme/cache/1582435991586.jar

MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

/data/user/0/ir.teliyam.dolme/cache/1582435991586.jar

MD5 fde2ee00cbd121cfab5290b078aa3ceb
SHA1 e2b77d5320e155e413d040a8c20020962065b2f8
SHA256 2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512 a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 3288a3199590c38fd6ca2a1c2b7b87c2
SHA1 6db3206eee596b2c6ee19674c20ed04e041ecca0
SHA256 6168b6bc5c8e73d43c65014365cb3358f052f9441511217ef7443b5d86125f5c
SHA512 a81615dfd57b165e17665efea87c33f6966c5c38d21e3091f44fffdcdf9d421c2f68dc91d4f016edc9592f654725568c380c0ee01993350580263ffdc6cc1f1a

/data/user/0/ir.teliyam.dolme/databases/__pushe_base_lib_db-journal

MD5 bcbf06b334d1bdab1ee0f0cef5e3bfd4
SHA1 3dde5d63d780d0bccdfa3bf46b71efb297a32fef
SHA256 9875021947ee426458a3dd7e62452b73a4a0e3d3666bd8a5c35a741d7ccd7540
SHA512 f0e76ebbb32a82931fc95bc6cb1b98ae899207c82ea6c0fc4a2f24567181607cc590041711058bb93f117d9af9f2a2ee0a51cbb7a058356d2c97708cdd9341e5

/data/user/0/ir.teliyam.dolme/cache/~test.test

MD5 098f6bcd4621d373cade4e832627b4f6
SHA1 a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512 ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff